Overview

overview

10

Static

static

3

95d0acb610...18.exe

windows7-x64

10

95d0acb610...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    95d0acb610be2cd0a319f58d7edfe39b_JaffaCakes118

  • Size

    361KB

  • Sample

    240814-m3e3fstann

  • MD5

    95d0acb610be2cd0a319f58d7edfe39b

  • SHA1

    692c81fffe4696b486c0e245b8904448505f41d6

  • SHA256

    0dee414bd486dd4371dcb72f153b1cefc1ae7233d3e0fe923c3df51314e19775

  • SHA512

    5e2ac3044dd014b7771c102114322ff3a65c6d11102988cebda17eb2344d456f62bb4b8c17905e6d58c087f6dab98c041c9fa1df9c7c80c708332daeb3d15882

  • SSDEEP

    6144:WL6YaKKnuuBliQ7i1NodWRDOLclyjdCxvcE+yPWRptI4ychhUCuwc+v9xHD+GcRd:WeYadBZi1NodWRQkjWRptI4ychD2+v9

Score
10/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      95d0acb610be2cd0a319f58d7edfe39b_JaffaCakes118

    • Size

      361KB

    • MD5

      95d0acb610be2cd0a319f58d7edfe39b

    • SHA1

      692c81fffe4696b486c0e245b8904448505f41d6

    • SHA256

      0dee414bd486dd4371dcb72f153b1cefc1ae7233d3e0fe923c3df51314e19775

    • SHA512

      5e2ac3044dd014b7771c102114322ff3a65c6d11102988cebda17eb2344d456f62bb4b8c17905e6d58c087f6dab98c041c9fa1df9c7c80c708332daeb3d15882

    • SSDEEP

      6144:WL6YaKKnuuBliQ7i1NodWRDOLclyjdCxvcE+yPWRptI4ychhUCuwc+v9xHD+GcRd:WeYadBZi1NodWRQkjWRptI4ychD2+v9

    Score
    10/10
    discoverypersistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks